AMENDMENTS TO THE CLAIMS 



All pending claims are reproduced below: 

1 . (Currently amended) Apparatus for empirically adjusting access to a database, 
said apparatus comprising: 

coupled to the database, a database discovery module for determining database 
structure and authorized accesses to the database; 

coupled to the database, a command monitoring module for monitoring actual 
accesses to the database; and 

coupled to the database discovery module and to the command monitoring module, 
an analysis module for comparing actual accesses with authorized accesses 
and for adjusting authorized accesses taking into account results of the 
comparing to deny database access to operations by certain users on database 
tables and columns that were authorized but not observed bv the command 
monitoring module . 

2. (Original) Apparatus of claim 1 further comprising, coupled to the database 
discovery module and to the analysis module, a storage area for accumulating data generated by 
the command monitoring module. 

3. (Original) Apparatus of claim 1 wherein the command monitoring module is a 

sniffer. 

4. (Original) Apparatus of claim 1 wherein the database is a relational database 
accessed by a structured query language. 

5. (Currently amended) A computer-implemented method for empirically adjusting 
access to a database, said method comprising the steps of: 

discovering authorized accesses to the database; 

observing actual accesses to the database; 

comparing actual accesses with authorized accesses; and 
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adjusting authorized database accesses taking into account results of the comparing 
step to deny database access to operations by certain users on database tables 
and columns that were authorized but were not obseryed during the obserying 
step . 

6. (Original) The method of claim 5 further comprising the step of generating at 
least one third party report based upon obserying actual accesses to the database. 

7. (Canceled) 

8. (Original) The method of claim 5 wherein the discoyering step uncoyers any: 
tables of the database; 

columns of the database; 

authorized users of the database; 

yiews of the database; 

stored procedures of the database; 

user-defined functions of the database; and 

triggers of the database. 

9. (Currently amended) The method of claim 5 wherein the adjusting step further 
comprises at least one of: 

suggesting revised database access control settings to a database administrator; 
automatically hardening the database for all times of day; 
automatically hardening the database selectiyely based on time of day; 
alerting a database administrator; and 

continuing to monitor accesses to the database after conclusion of the obserying step. 
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10. (Original) The method of claim 9 wherein the database is automatically hardened 
using standard SQL commands. 

1 1 . (Original) The method of claim 9 wherein the database is automatically hardened 
using database specific apphcation programming interfaces. 

12. (Original) The method of claim 5 wherein the observing step has a preselected 
duration. 

13. (Original) The method of claim 5 wherein the observing step is performed until a 
preselected quantity of actual accesses have been observed. 

14. (Currently amended) A computer-readable medium containing computer program 
instructions for empirically adjusting access to a database, said computer program instructions 
performing the steps of: 

discovering authorized accesses to the database; 

observing actual accesses to the database; 

comparing actual accesses with authorized accesses; and 

adjusting authorized database accesses taking into account results of the comparing 
step to deny database access to operations by certain users on database tables 
and columns that were authorized but were not observed during the observing 
step . 

15. (Original) The computer-readable medium of claim 14 further comprising the 
step of generating at least one third party report based upon observing actual accesses to the 
database. 

16. (Canceled) 

17. (Original) The computer-readable medium of claim 14 wherein the discovering 
step uncovers any: 

tables of the database; 
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columns of the database; 

authorized users of the database; 

views of the database; 

stored procedures of the database; 

user-defined functions of the database; and 

triggers of the database. 

18. (Currently amended) The computer-readable medium of claim 14 wherein the 
adjusting step further comprises at least one of: 

suggesting revised database access control settings to a database administrator; 
automatically hardening the database for all times of day; 
automatically hardening the database selectively based on time of day; 
alerting a database administrator; and 

continuing to monitor accesses to the database after conclusion of the observing step. 

19. (Original) The computer-readable medium of claim 18 wherein the database is 
automatically hardened using standard SQL commands. 

20. (Original) The computer-readable medium of claim 18 wherein the database is 
automatically hardened using database specific application programming interfaces. 

21 . (Original) The computer-readable medium of claim 14 wherein the observing 
step has a preselected duration. 

22. (Original) The computer-readable medium of claim 14 wherein the observing 
step is performed until a preselected quantity of actual accesses have been observed. 
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